Featured Slideshow

When security researchers are silenced by governments or private companies, it’s often to the detriment of technology users of all ilks. Ignorance is certainly not bliss when it comes to digital... read more

The number of things getting plugged into the "Internet of Things" has already reached the point of satire. But there's a new, extremely low power technology that's being prepared for market that... read more

Following formal complaints by Ericsson, the U.S. International Trade Commission on Monday showed intent to launch an investigation into Apple's potentially illegal use of patented LTE technology.... read more

Chinese equipment supplier Huawei has been facing fears in the UK over exactly how secure their gear really is. To assuage these fears the company created the Huawei Cyber Security Evaluation Centre... read more

So Apple is going to start selling their long-anticipated Apple Watches at the end of April and with prices starting at $349 and climbing from there, the fact that it requires the user to carry an... read more

Critical bugs disclosed in Duesseldorf Airport web infrastructure

An anonymous Vulnerability Laboratory Researcher issued a security advisory this week stating that multiple critical SQL injection vulnerabilities on the web infrastructure of the famous German Duesseldorf Internalional Airport has been found. The security issues have been submitted multiple times to the DUS-INT Airport Web Team and after no response regarding the security issues, the bug has been disclosed.

The vulnerabilities are located on multiple web service modules of the airport application. Some vulnerable example modules were located on the Shoplist, Media Info & Photoarchive. The remote vulnerability allows an attacker to execute SQL commands on the vulnerable modules. Successful exploitation can result in access to all database tables, and retrieval of sensitive information like customer passwords, usernames, IDs, addresses etc.

Vulnerability Lab noted that it had informed the airport about the vulnerabilities in April 2011. "Unfortunately, we never received a reply. When doing a check, we found that the holes were only closed a few weeks ago", security expert Benjamin Kunz Mejri told heise Security Security. After the report was made public, the DUS-INT Airport Team responded to Vulnerability-Labs.